- (Topic 5)
What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?
Correct Answer:E
If a rootkit is discovered, you will need to reload from known good media. This typically means performing a complete reinstall.
- (Topic 7)
ARP poisoning is achieved in steps
Correct Answer:B
The hacker begins by sending a malicious ARP "reply" (for which there was no previous request) to your router, associating his computer's MAC address with your IP Address. Now your router thinks the hacker's computer is your computer. Next, the hacker sends a malicious ARP reply to your computer, associating his MAC Address with the routers IP Address. Now your machine thinks the hacker's computer is your router. The hacker has now used ARP poisoning to accomplish a MitM attack.
- (Topic 4)
Which of the following tools are used for enumeration? (Choose three.)
Correct Answer:BDE
USER2SID, SID2USER, and DumpSec are three of the tools used for system enumeration. Others are tools such as NAT and Enum. Knowing which tools are used in each step of the hacking methodology is an important goal of the CEH exam. You should spend a portion of your time preparing for the test practicing with the tools and learning to understand their output.
- (Topic 23)
Web servers often contain directories that do not need to be indexed. You create a text file with search engine indexing restrictions and place it on the root directory of the Web Server.
User-agent: * Disallow: /images/ Disallow: /banners/ Disallow: /Forms/ Disallow: /Dictionary/ Disallow: /_borders/ Disallow: /_fpclass/ Disallow: /_overlay/ Disallow: /_private/ Disallow: /_themes/
What is the name of this file?
Correct Answer:A
- (Topic 7)
What does the following command in "Ettercap" do? ettercap –NCLzs –quiet
Correct Answer:C
-L specifies that logging will be done to a binary file and –s tells us it is running in script mode.