Certified Ethical Hacker 312-50v10 – Question252

When you are collecting information to perform a data analysis, Google commands are very useful to find sensitive information and files. These files may contain information about passwords, system functions, or documentation. What command will help you to search files using Google as a search engine?


A.
site: target.com filetype:xls username password email
B. domain: target.com archieve:xls username password email
C. inurl: target.com filename:xls username password email
D. site: target.com file:xls username password email

Correct Answer: A

Certified Ethical Hacker 312-50v10 – Question251

This phase will increase the odds of success in later phases of the penetration test. It is also the very first step in Information Gathering and it will tell you the landscape looks like.
What is the most important phase of ethical hacking in which you need to spend a considerable amount of time?


A.
network mapping
B. footprinting
C. escalating privileges
D. gaining access

Correct Answer: B

Certified Ethical Hacker 312-50v10 – Question247

You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain. If the DNS server is at 192.168.10.2 and the domain name is abccorp.local, what command would you type at the nslookup prompt to attempt a zone transfer?


A.
list domain=abccorp.local type=zone
B. Is d accorp.local
C. list server=192.168.10.2 type=all
D. Iserver 192.168.10.2 t all

Correct Answer: B

Certified Ethical Hacker 312-50v10 – Question246

Which of the following statements is FALSE with respect to Intrusion Detection Systems?


A.
Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic
B. Intrusion Detection Systems can examine the contents of the data in context of the network protocol
C. Intrusion Detection Systems can be configured to distinguish specific content in network packets
D. Intrusion Detection Systems require constant update of the signature library

Correct Answer: A

Certified Ethical Hacker 312-50v10 – Question244

An LDAP directory can be used to store information similar to a SQL database. LDAP uses a ____ database structure instead of SQLs ______ structure. Because of this, LDAP has difficulty representing many-to-one relationships.


A.
Strict, Abstract
B. Simple, Complex
C. Relational, Hierarchical
D. Hierarchical, Relational

Correct Answer: D