CEH v10 Memory Check | Questions And Answers Latest {2024- 2025} A+ Graded | 100%
Verified
An IT employee got a call from one of our best customers. The caller wanted to know about the
company's network infrastructure, systems, and team. New opportunities of integration are in sight for
both company and customer. What should this employee do?
A.
Since the company's policy is all about Customer Service, he/she will provide information.
B.
Disregarding the call, the employee should hang up.
C.
The employee should not provide any information without previous management authorization.
D.
The employees can not provide any information; but, anyway, he/she will provide the name of the
person in charge. - C.
The employee should not provide any information without previous management authorization.
Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he configure
properly the firewall to allow access just to servers/ports which can have direct internet access, and
block the access to workstations. Bob also concluded that DMZ really makes sense just when a stateful
firewall is available, which is not the case of TPNQM SA.
In this context, what you can say?
A.
Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations.
B.
Bob is partially right. Actually, DMZ doesn't make sense when a stateless firewall is available.
C.
Bob is partially right. He doesn't need to separate networks if he can create rules by destination IPs, one
by
,one.
D.
Bob can be right, DMZ doesn't make sense combined with stateless firewalls. - A.
Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations.
Bob received this text message on his mobile phone: ""Hello, this is Scott Smelby from the Yahoo Bank.
Kindly contact me for a vital transaction on: "". Which statement below is true?
A.
This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
B.
Bob should write to to verify the identity of Scott.
C.
This is a scam because Bob does not know Scott
D.
This is probably a legitimate message as it comes from a respectable organization. - A.
This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
You are using NMAP to resolve domain names into IP addresses for ping sweep later.
Which of the following commands looks for IP addresses?
A.
>host -t a hackeddomain.com
B.
>host -t ns hackeddomain.com
C.
>host -t soa hackeddomain.com
D.
>host -t AXFR hackeddomain.com - A.
, >host -t a hackeddomain.com
Why are containers are less secure that virtual machines?
A.
Containers may fullfill disk space of the host.
B.
A compromise container may cause a CPU starvation of the host.
C.
Containers are attached to the same virtual network.
D.
Host OS on containers has a larger surface attack. - B.
A compromise container may cause a CPU starvation of the host.
A bank stores and processes sensitive privacy information related to home loans. However, auditing has
never been enabled on the system. What is the first step that the bank should take before enabling the
audit feature?
A.
Perform a vulnerability scan of the system.
B.
Determine the impact of enabling the audit feature.
C.
Perform a cost/benefit analysis of the audit feature.
D.
Allocate funds for staffing of audit log review. - B.
Determine the impact of enabling the audit feature.
Verified
An IT employee got a call from one of our best customers. The caller wanted to know about the
company's network infrastructure, systems, and team. New opportunities of integration are in sight for
both company and customer. What should this employee do?
A.
Since the company's policy is all about Customer Service, he/she will provide information.
B.
Disregarding the call, the employee should hang up.
C.
The employee should not provide any information without previous management authorization.
D.
The employees can not provide any information; but, anyway, he/she will provide the name of the
person in charge. - C.
The employee should not provide any information without previous management authorization.
Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he configure
properly the firewall to allow access just to servers/ports which can have direct internet access, and
block the access to workstations. Bob also concluded that DMZ really makes sense just when a stateful
firewall is available, which is not the case of TPNQM SA.
In this context, what you can say?
A.
Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations.
B.
Bob is partially right. Actually, DMZ doesn't make sense when a stateless firewall is available.
C.
Bob is partially right. He doesn't need to separate networks if he can create rules by destination IPs, one
by
,one.
D.
Bob can be right, DMZ doesn't make sense combined with stateless firewalls. - A.
Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations.
Bob received this text message on his mobile phone: ""Hello, this is Scott Smelby from the Yahoo Bank.
Kindly contact me for a vital transaction on: "". Which statement below is true?
A.
This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
B.
Bob should write to to verify the identity of Scott.
C.
This is a scam because Bob does not know Scott
D.
This is probably a legitimate message as it comes from a respectable organization. - A.
This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
You are using NMAP to resolve domain names into IP addresses for ping sweep later.
Which of the following commands looks for IP addresses?
A.
>host -t a hackeddomain.com
B.
>host -t ns hackeddomain.com
C.
>host -t soa hackeddomain.com
D.
>host -t AXFR hackeddomain.com - A.
, >host -t a hackeddomain.com
Why are containers are less secure that virtual machines?
A.
Containers may fullfill disk space of the host.
B.
A compromise container may cause a CPU starvation of the host.
C.
Containers are attached to the same virtual network.
D.
Host OS on containers has a larger surface attack. - B.
A compromise container may cause a CPU starvation of the host.
A bank stores and processes sensitive privacy information related to home loans. However, auditing has
never been enabled on the system. What is the first step that the bank should take before enabling the
audit feature?
A.
Perform a vulnerability scan of the system.
B.
Determine the impact of enabling the audit feature.
C.
Perform a cost/benefit analysis of the audit feature.
D.
Allocate funds for staffing of audit log review. - B.
Determine the impact of enabling the audit feature.
