认证道德黑客考试312-50v11CertifiedEthicalHackerv11Exam_CEH V11 test

CEH V11 test

題目:1-(uid:1)

While performing online banking using a Web browser, a user receives an email that contains

a link to an interesting Web site. When the user clicks on the link, another Web browser

session starts and displays a video of cats playing a piano. The next business day, the user

receives what looks like an email from his bank, indicating that his bank account has been

accessed from a foreign country. The email asks the user to call his bank and verify the

authorization of a funds transfer that took place. What Web browser-based security

vulnerability was exploited to compromise the user?

Which service in a PKI will vouch for the identity of an individual or company?

• A. KDC

• B. CR

• C. CBC

• D. CA

正確答案: D

題目:3-(uid:3)

Identify the web application attack where the attackers exploit vulnerabilities in dynamically

generated web pages to inject client-side script into web pages viewed by other users.

• A. LDAP Injection attack

• B. Cross-Site Scripting (XSS)

正確答案: B

• D. Presentation

正確答案: D

題目:5-(uid:5)

A new wireless client is configured to join a 802.11 network. This client uses the same

hardware and software as many of the other clients on the network. The client can see the

network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point

(WAP) is not responding to the association requests being sent by the wireless client. What is

a possible source of this problem?

• A. The WAP does not recognize the client's MAC address

• B. The client cannot see the SSID of the wireless network

題目:6-(uid:6)

• B. -F

• C. -P

• D. -sP

正確答案: B

Which of the following is the structure designed to verify and authenticate the identity of

individuals within the enterprise taking part in a data exchange?

• A. SOA

• B. biometrics

• C. single sign on

• D. PKI

題目:8-(uid:8)

modified pdf, saying that the links don't work. She reads your email, opens the links, and her

machine gets infected. You now have access to the company network. What testing method

did you use?

• A. Social engineering

• B. Piggybacking

• C. Tailgating

• D. Eavesdropping

正確答案: A

題目:9-(uid:9)

If a tester is attempting to ping a target that exists but receives no response or a response

that states the destination is unreachable, ICMP may be disabled and the network may be

• A. Traceroute

正確答案: B

題目:10-(uid:10)

Which is the first step followed by Vulnerability Scanners for scanning a network?

• B. Firewall detection

• C. TCP/UDP Port scanning

• D. Checking if the remote host is alive

• A. Polymorphic virus

• B. Multipart virus

• C. Macro virus

• D. Stealth virus

正確答案: C

Macro virus 巨集病毒 Stealth virus 隱形病毒

題目:12-(uid:12)

A technician is resolving an issue where a computer is unable to connect to the Internet using

a wireless access point. The computer is able to transfer files locally to other machines, but

cannot successfully reach the Internet. When the technician examines the IP address and

default gateway they are both on the

192.168.1.0/24. Which of the following has occurred?

• A. The computer is not using a private IP address.

• B. The gateway is not routing to a public IP address.

• C. The gateway and the computer are not on the same network.

• D. The computer is using an invalid IP address.

正確答案: B

題目:14-(uid:14)

Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of